As technology advances, the number of files being kept on computing devices is growing significantly. Computers and mobile devices operate under the control of different operating systems (OS) and usually contain varied installed applications and user files. Moreover, the applications and components of the operating system are regularly updated, as a result of which the very same component may have different versions on different devices, or for different users. The .NET® platform offered by Microsoft® is becoming increasingly popular, contributing to the increase of overall user files. Many applications are being adapted to this technology. One of the key features of the .NET platform is that, regardless of the high-level language of the .NET platform used in creating an application, the compiler converts the initial code into an intermediate language, referred to as Microsoft Intermediate Language (MSIL). MSIL is a set of instructions that are independent of the processor and that can be effectively transformed into machine code.
It should be noted that the quantity of malicious software (such as computer viruses, Trojan horses, Internet worms) is also growing. Oftentimes the criminals who create malicious software also make use of the .NET platform to create the malicious software.
Security applications (such as antivirus applications) employ various methods for detecting malicious software, among which are methods of analysis of files created with the use of the .NET platform.
However, current methods of identifying harmfulness of intermediate language files are resource and time intensive. Therefore, there is a need in the art to improve the process of identifying harmfulness of intermediate language files.